Hackers linked to a nation-state breached the networks of Ribbon Communications, a major U.S.-based telecommunications services company, and remained undetected for nearly a year, the company confirmed in a statement on Wednesday.
Ribbon Communications, headquartered in Texas, provides technology that supports voice and data communications between various platforms. In a filing with the Securities and Exchange Commission on 23 October, the company revealed that individuals “reportedly associated with a nation-state actor” gained access to its IT systems as early as December 2024.
The breach had not been previously disclosed. It is the latest in a series of cyber incidents where companies central to the global telecommunications ecosystem have been targeted by nation-state attackers.
While Ribbon did not identify the country behind the attack or name affected clients, the company said three smaller customers were impacted. “While we do not have evidence at this time that would indicate the threat actor gained access to any material information, we continue to work with our third-party experts to confirm this,” a spokesperson said. The company added that it has strengthened its network security to prevent future breaches.
According to its SEC filing, “several customer files saved outside of the main network on two laptops do appear to have been accessed by the threat actor.” The company clarified that these included four older files and that there is no indication of government systems being compromised.
Ribbon Communications’ technology connects voice and data systems globally and serves clients such as BT, Verizon, CenturyLink, Deutsche Telekom, SoftBank, TalkTalk and Tata. Its government clients include the U.S. Defense Department, the University of Texas at Austin, the City of Los Angeles and the Los Angeles Public Library.
Experts say the attack highlights a growing pattern of state-backed hackers targeting key service providers. “Unit 42 continues to see advanced nation-state actors increasingly targeting networking and IT service companies that provide key services to government and critical infrastructure organisations,” said Pete Renals, director of national security programmes at Palo Alto Networks.
“Ribbon Communications is a prime example of this trend, given its partnerships with the U.S. military and major infrastructure sectors,” Renals added, noting that such firms remain high-value targets for state-aligned hackers, particularly from China and Russia.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream formerly known as CIO News LinkedIn Account | The Mainstream formerly known as CIO News Facebook | The Mainstream formerly known as CIO News Youtube | The Mainstream formerly known as CIO News Twitter
About us:
The Mainstream formerly known as CIO News is a premier platform dedicated to delivering latest news, updates, and insights from the tech industry. With its strong foundation of intellectual property and thought leadership, the platform is well-positioned to stay ahead of the curve and lead conversations about how technology shapes our world. From its early days as CIO News to its rebranding as The Mainstream on November 28, 2024, it has been expanding its global reach, targeting key markets in the Middle East & Africa, ASEAN, the USA, and the UK. The Mainstream is a vision to put technology at the center of every conversation, inspiring professionals and organizations to embrace the future of tech.
